Hi, I use StrgonSwan 5.2 with Debian and IKEv1. I've peers where some (all, 2 of 8, etc.) tunnels get disconnected after some time. When there is (new) traffic for the vanished tunnel the tunnel will not be reestablished. Even more strange, the sending process "thinks" every thing is OK, e.g. Cups sends print jobs to port 9100 to a printer connected by a vanished tunnel and Cups does not notice that there could be no connection to the printer as there is no tunnel. The print job is marked as done. The data seems to be sent to nowhere. I've tried all three settings for "auto" (add, route, start), none makes a difference. DPD is no option as not all peers support this.
Is there a way to configure StrongSwan to keep all tunnel up all the time without DPD? Why does StrongSwan shut down tunnels? I've used Bintec routers and Cisco ASA and others. None showed this "strange" behavior ... TIA Matthias -- MHC SoftWare GmbH Fichtera 17 96274 Itzgrund/Germany voice: +49-(0)9533-92006-0 fax: +49-(0)9533-92006-6 e-mail: [email protected] HR Coburg: B2242 Geschaeftsfuehrer: Matthias Henze
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
